From: Dirk Farin <dirk.farin@gmail.com>
Date: Sat, 4 Mar 2023 09:32:43 +0000 (+0100)
Subject: [PATCH] check whether referenced PPS exists (fixes #393)
X-Git-Tag: archive/raspbian/1.0.11-0+deb10u5+rpi1^2~4
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b21221fcbcfcc6f9f3ba9e0d5f26b049e70e927d;p=libde265.git

[PATCH] check whether referenced PPS exists (fixes #393)


Gbp-Pq: Name CVE-2023-27102.patch
---

diff --git a/libde265/decctx.cc b/libde265/decctx.cc
index 8881c0c..3eb5daa 100644
--- a/libde265/decctx.cc
+++ b/libde265/decctx.cc
@@ -2276,9 +2276,10 @@ bool decoder_context::process_slice_segment_header(slice_segment_header* hdr,
   // get PPS and SPS for this slice
 
   int pps_id = hdr->slice_pic_parameter_set_id;
-  if (pps[pps_id]->pps_read==false) {
+  if (pps[pps_id]==nullptr || pps[pps_id]->pps_read==false) {
     logerror(LogHeaders, "PPS %d has not been read\n", pps_id);
-    assert(false); // TODO
+    img->decctx->add_warning(DE265_WARNING_NONEXISTING_PPS_REFERENCED, false);
+    return false;
   }
 
   current_pps = pps[pps_id];